antivir已经修复对nspack（北斗）的误报

mofunzone

在反应这个问题3天之后得以解决，现在antivir已经修复了对nspack的误报问题，大家可以放心的用北斗加壳了
File:         TASKMAN.EXE
Status:         INFECTED/MALWARE
MD5         87f24d64082b6bb9c914e1a4aea88f9d
Packers detected:         PE_PATCH, NSPACK

Scanner results
Scan taken on 17 Mar 2007 18:04:53 (GMT)
AntiVir         Found nothing
ArcaVir         Found Heur.Win32
Avast         Found nothing
AVG Antivirus         Found nothing
BitDefender         Found nothing
ClamAV         Found nothing
Dr.Web         Found nothing
F-Prot Antivirus         Found Possibly a new variant of W32/Threat-SysVenFakN-based!Maximus
F-Secure Anti-Virus         Found nothing
Fortinet         Found nothing
Kaspersky Anti-Virus         Found nothing
NOD32         Found nothing
Norman Virus Control         Found nothing
Panda Antivirus         Found nothing
VirusBuster         Found Packed/NSPack
VBA32         Found nothing
=================================================================
File:         amcap.exe
Status:         INFECTED/MALWARE
MD5         aa8fd847ddf792fe2fd0fa811bfebd75
Packers detected:         PE_PATCH, NSPACK

Scanner results
Scan taken on 17 Mar 2007 18:09:09 (GMT)
AntiVir         Found nothing
ArcaVir         Found Heur.Win32
Avast         Found nothing
AVG Antivirus         Found nothing
BitDefender         Found nothing
ClamAV         Found nothing
Dr.Web         Found nothing
F-Prot Antivirus         Found nothing
F-Secure Anti-Virus         Found nothing
Fortinet         Found nothing
Kaspersky Anti-Virus         Found nothing
NOD32         Found nothing
Norman Virus Control         Found nothing
Panda Antivirus         Found nothing
VirusBuster         Found Packed/NSPack
VBA32         Found nothing
============================================================
Complete scanning result of "TASKMAN.EXE", received in VirusTotal at 03.17.2007, 19:06:00 (CET).
Antivirus        Version        Update        Result
AhnLab-V3        2007.3.17.0        03.16.2007        no virus found
AntiVir        7.3.1.43        03.17.2007        no virus found
Authentium        4.93.8        03.17.2007        Possibly a new variant of W32/Threat-SysVenFakN-based!Maximus
Avast        4.7.936.0        03.16.2007        no virus found
AVG        7.5.0.447        03.17.2007        no virus found
BitDefender        7.2        03.17.2007        no virus found
CAT-QuickHeal        9.00        03.15.2007        (Suspicious) - DNAScan
ClamAV        0.90.1        03.17.2007        no virus found
DrWeb        4.33        03.17.2007        no virus found
eSafe        7.0.14.0        03.16.2007        no virus found
eTrust-Vet        30.6.3486        03.16.2007        no virus found
Ewido        4.0        03.17.2007        no virus found
FileAdvisor        1        03.17.2007        no virus found
Fortinet        2.85.0.0        03.17.2007        suspicious
F-Prot        4.3.1.45        03.17.2007        W32/Threat-SysVenFakN-based!Maximus
F-Secure        6.70.13030.0        03.16.2007        no virus found
Ikarus        T3.1.1.3        03.17.2007        Backdoor.Win32.Hupigon.BV
Kaspersky        4.0.2.24        03.17.2007        no virus found
McAfee        4986        03.16.2007        New Malware.aj
Microsoft        1.2306        03.17.2007        no virus found
NOD32v2        2123        03.17.2007        no virus found
Norman        5.80.02        03.16.2007        no virus found
Panda        9.0.0.4        03.17.2007        Suspicious file
Prevx1        V2        03.17.2007        no virus found
Sophos        4.15.0        03.13.2007        Mal/Packer
Sunbelt        2.2.907.0        03.16.2007        no virus found
Symantec        10        03.17.2007        no virus found
TheHacker        6.1.6.076        03.15.2007        no virus found
UNA        1.83        03.16.2007        no virus found
VBA32        3.11.2        03.16.2007        no virus found
VirusBuster        4.3.7:9        03.17.2007        Packed/NSPack

Aditional Information
File size: 10052 bytes
MD5: 87f24d64082b6bb9c914e1a4aea88f9d
SHA1: 96415939593e32bb73ca28c30236ac8b6c54ed91
packers: NSPACK
==============================================================
A listing of files alongside their results can be found below:File ID         Filename         Size (Byte)        Result
222376         NOTEPAD.EXE         47.839         FALSE POSITIVE



Please find a detailed report concerning each individual sample below: Filename        Result
NOTEPAD.EXE         FALSE POSITIVE


The file 'NOTEPAD.EXE' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection is removed from our virus definition file (VDF) with the version: 6.38.0.69 .

至于eq2的联合加壳大法，antivir的回应主要就是两点，第一就是文件已经损坏，第二就是为了不影响基因启发的准确性，故不予以处理

cxcx3

呵呵 支持红伞  支持M版

周杰伦

恩，修正误报就好了

shardineblog

好消息啊。

The EQs

LZ就在这里慢慢YY吧。。。。随便发一个加了北斗的文件给你。。。

The EQs

随便发一个北斗＋仙剑的文件

绅博周幸

原帖由 EQ2 于 2007-3-18 08:51 发表
随便发一个北斗＋仙剑的文件

自己加壳工具本身有问题，偶用北斗加壳就不报。

绅博周幸

EQ兄最好用纯净的加壳工具，某些旁门左道的破解或者来路不正的加壳工具容易有后门。 还有偶用自己下载的仙剑＋北斗＋铁甲等加壳工具混合加壳，正常的文件红伞也不报的，说明什么问题？？只能说明你的加壳工具有问题，还有偶绝对不会相信你的测试结果的，没什么权威性和中立性，如果是偶搞测评，也会被某些NOD32的粉丝说是红伞枪手的。

[ 本帖最后由 绅博周幸 于 2007-3-18 09:15 编辑 ]

The EQs

你就慢慢在这里狡辩吧。。。。反正现在也没人和你讨论。。。

绅博周幸

原帖由 EQ2 于 2007-3-18 09:14 发表
你就慢慢在这里狡辩吧。。。。反正现在也没人和你讨论。。。

偶到觉得EQ兄有些强词夺理了，希望据实说话啊，你的加壳工具如果没有问题的话，偶绝对相信的的结果，但是加壳工具都有问题，结果很难让人信服啊